Former NSA Chief Warned Against Selling NSA Secrets 138
An anonymous reader writes Former NSA Chief General Keith Alexander has apparently started his own cybersecurity consulting firm, IronNet Cybersecurity, and approached the banking industry pitching his company's suite of services. Word from Wired indicates that his services cost $1 million per month with a special discount asking price of $600,000 per month. Congressman Alan Grayson (D-FL) expressed concern about General Alexander's activities to the banking industry, stating, "I question how Mr. Alexander can provide any of the services he is offering unless he discloses or misuses classified information, including extremely sensitive sources and methods....Without the classified information he acquired in his former position, he literally would have nothing to offer to you." (PDF) The congressman from the House of Representatives reminds the bankers (and General Alexander, should he be listening) that selling top secret information is a federal offense.
bridge for sale (Score:5, Insightful)
The whole Snowden affair demonstrated that they still managed some epic fails.
But sure
Not a good sales pitch: (Score:5, Insightful)
Poor guy... (Score:5, Insightful)
So the poor general can't participate in the usual dance of former Washington insiders who use cronyism and connections to enrich themselves after 'serving' in government?
There should be a name for that... like 401(c)... where c stands for crony capitalism.
Try him and not Snowden then (Score:5, Insightful)
Snowden didn't reveal NSA secrets for his personal profit.
Re:Not a good sales pitch: (Score:5, Insightful)
Alexander's forte seems to be using brute force to break the security of others, not actually keeping an organization secure.
It sure is a good thing that the banking industry is a bunch of totally upstanding, honest, guys, steeped in a culture of prudent moderation, who definitely wouldn't have any interest in the potential applications of NSA-tested 'tailored access operations' for shareholder value, enhanced lobbying, and other exciting things; or the colossal hubris necessary to not even think twice about doing so.
Re:Smacks of Carmack (Score:2, Insightful)
Sure, secrets are secrets. But is *everything* they learned on the job is a secret?
No, not everything.
But if it's something you're trying to sell it for a million dollars a month, those parts are probably secret.
Re:bridge for sale (Score:5, Insightful)
This.
Detecting and stopping an insider from downloading a library of proprietary/classified info outside their job description? Fail.
Capable of searching emails to fulfill a court order for information? Fail.
Bringing a basic (if high-end) new datacenter online? Fail (for not securing a reliable source of electricity).
Obeying the rules that govern their core mission? Fail. Performing their core mission? Fail.
No doubt, the NSA remains every bit as scary as ever, but in more of a "CIA goon" sense than their traditional so-flawlessly-smooth-you-won't-even-know-what-happened reputational sense.
Re: Snowden is cheaper (Score:5, Insightful)
No, it merely means that for selling it you get to go on a trial where in the end you get to make some kind of deal with the state where you can keep half the profit and the other half disappears in some war purses for deals that you don't want to explain why you need funding for them.
If you hand it out for free you get to Gitmo. There's no profit in making a deal with you, you have no money you could offer.
Re:Smacks of Carmack (Score:5, Insightful)
1. When you've worked at a very high level the NSA;
2. When you are selling security information/services; and
3. When your asking price is far higher than competitive services by people who've worked at it far longer than you outside of the NSA,
What do you imagine lies in between publicly known and classified that justifies the price premium? Was he developing security procedures on his own time or at his second job?
NSA = No Sensible Administration ? (Score:5, Insightful)
Michael Moore is a self-taught movie maker. His movie about U.S. government corruption in secret agencies, Fahrenheit 9/11 [boxofficemojo.com], made $222,446,882. It's not like extreme U.S. government corruption is unknown.
There is a HUGE conflict of interest, and the U.S. government seems to have no influential methods of dealing with conflicts of interest. If there is security, people who work for the NSA are less likely to be promoted, and may lose their jobs. That is a powerful reason for NSA employees and management, and other secret U.S. government agencies, to create more insecurity. Since they work entirely in secret, no one can stop them.
U.S. government policies allow many secret agencies. I find it odd that news stories assume that, other than doing things that almost no citizens want, the secret agencies are otherwise well-managed. Numerous examples show that they aren't. For example, Edward Snowden [wikipedia.org], an employee of an NSA sub-contractor, was able to walk away with all the data.
To me, it is also odd that news stories assume that the NSA works to improve security of the U.S. and U.S. citizens. For example, the book House of Bush, House of Saud [wikipedia.org] explains that the Bush and Cheney families worked for the Saudis, who paid them billions for their help. The U.S. taxpayer paid for the arms, military presence, and violence that supposedly was free security for the Saudi government, but actually was, as Saudi acquaintances I met in a gym said long before the 9/11 attack, Saudi government oppression of the Saudi people.
Why does the NSA record phone calls? Is it because learning about some of those calls makes money for someone in control? Investment information, perhaps?
The U.S. government's war in Iraq is now being called a "mistake". For example, Hans Blix: Iraq War was a terrible mistake and violation of U.N. charter [cnn.com]. It wasn't a "mistake", other articles say, it was deliberate deception. For example, Stop Calling the Iraq War a 'Mistake' [huffingtonpost.com].
NSA = No Sales for America. The NSA is a powerful advertisement that anything complicated made by a U.S. manufacturer may have intentional defects or surveillance methods.
Re:Laugh-worthy (Score:4, Insightful)
My point was merely that Alexander's CV has very little on it that isn't either irrelevant to his potential customers (at least I hope our financial sector isn't looking for armored warfare expertise...) or closely connected to a series of fed jobs that just keep getting more heavily classified as time goes on.
Hmm let's see if you can pick out the spot where he would be versed only in armored warfare expertise or looking at secret documents all day (this is his CV for the past 15 years):
Director of the National Security Agency (DIRNSA)
Chief of the Central Security Service (CHCSS)
Commander of the United States Cyber Command
Commanding General of the U.S. Army Intelligence and Security Command
Director of Intelligence (J-2), United States Central Command
Deputy Director for Intelligence (J-2) for the Joint Chiefs of Staff
Head of the Army Intelligence and Security Command
Do you think it's possible, after working (ostensibly successfully) as the head of so many organizations, that he knows nothing about management, leadership, best practices, and nonclassified security methodologies (of which there are many)? Do you honestly think he spent 10 years, as the head of these orgs, pushing top secret papers across his desk instead of having his underlings take care of all of that? Come on. Furthermore, I think a lot of commentators on this thread have a complete misunderstanding of what a high-level consulting firm does. Hint, it has nothing to do with configuring firewalls and antivirus apps. Big multinationals will gladly pay $1M for advice as simple as "choose off the shelf security package A, instead of B" as long as it comes from someone whose credentials are beyond repute. He doesn't have to say anything about top secret operations, techniques, or sources, he just has to put his name behind something.